Security Operations Analyst

RISCPoint Advisory Group Security Operations Analyst Remote
· Full time Apply for Security Operations Analyst

RISCPoint is seeking a Security Operations Analyst responsible for supporting and maintaining the ongoing security and compliance posture of FedRAMP-authorized information systems.

RISCPoint was founded with the vision to seamlessly integrate with your team, utilizing only high-performing professionals with deep technical and operational experience to fulfill your security and compliance needs. Our diverse team has served companies ranging from Fortune 10 to pre-series A start-ups. Our first priority is to understand your specific needs, only recommending services we are certain will deliver a meaningful return on investment.

We provide business-focused risk, technology and cybersecurity solutions, specifically tailored to your organization.

RISCPoint is seeking a Security Operations Analyst responsible for supporting and maintaining the ongoing security and compliance posture of FedRAMP-authorized information systems through the execution of continuous monitoring, vulnerability management, and security operations activities. This role includes proactively identifying, analyzing, and responding to security events and incidents, performing regular vulnerability assessments and remediation tracking, and ensuring system configurations, controls, and documentation remain aligned with FedRAMP, NIST, and organizational security requirements.

The Security Operatins Analyst collaborates with engineering, compliance, and operational teams to validate control effectiveness, support audit and assessment activities, and maintain accurate system security documentation, including SSP updates, POA&M management, and risk reporting. This position plays a critical role in safeguarding federal data, ensuring regulatory compliance, and strengthening the overall resilience and security maturity of authorized cloud environments.

• Utilize and maintain automated security tooling for monitoring and response within customer environments
• On-call rotation to provide rapid response to potential security incidents
• Incident response notification and communications
• Conduct routine vulnerability assessments and provide remediation guidance
• Perform weekly vulnerability scans using approved scanning tools
• Analyze vulnerability scan results and coordinate remediation efforts
• Monitor security alerts from SIEM, IDS/IPS, and other security tools
• Track security metrics and maintain compliance dashboards
• Maintain FedRAMP Continuous Monitoring compliance including Cloud Security Posture Management

• Conduct quarterly threat hunting exercises
• Assist with monthly Con Mon reporting deliverables
• Maintain Plan of Action & Milestones (POA&M) documentation
• Support 3
  
  PAO assessments and audits

• Configure and maintain security monitoring platforms
• Tune security tools to reduce false positives
• Develop custom detection rules and alerts
• Create security dashboards and reports

• 2-4 years in security operations, incident response, or SOC analyst role
• 1-2 years working in AWS, particularly AWS Gov Cloud
• Experience with vulnerability management and remediation
• Hands‑on experience with SIEM platforms and security monitoring tools
• Experience analyzing security logs and investigating incidents

• Security+ or equivalent DoD 8570 IAT Level II certification
• One of: ISC2 CISSP/CCSP, GIAC GCIH (Preferred)
• One of: AWS Security Specialist, AWS Certified Solutions Architect – Associate (Preferred)

• Security Tools:
  Tenable Nessus, Qualys, Rapid7, other vulnerability scanners
• Cloud Security: AWSGuard
  
  Duty, AWS Security Hub, Cloud Trail, VPC Flow Logs, AWS IAM
• Endpoint Security:
  Crowd Strike, Carbon Black, Microsoft Defender
• Incident Response:
  Experience with IR frameworks (NIST 800-61)

• Base Salary + Bonus
• Company Paid Health Insurance
• Company Paid Dental Insurance
• Company Paid Vision Insurance
• 401k with 3% Company Contribution (Traditional & Roth Options)